[netfilter-cvslog] r7518 - in branches/ulog/ulogd2: . doc input/packet
pablo at netfilter.org
pablo at netfilter.org
Tue Apr 29 16:34:30 CEST 2008
Author: pablo at netfilter.org
Date: 2008-04-29 16:34:30 +0200 (Tue, 29 Apr 2008)
New Revision: 7518
Modified:
branches/ulog/ulogd2/doc/mysql-ulogd2.sql
branches/ulog/ulogd2/doc/pgsql-ulogd2.sql
branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c
branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c
branches/ulog/ulogd2/ulogd.conf.in
Log:
This patchset adds support for the "numeric_label" option. For instance, it
can be used to determine if the packet has been dropped, rejected or accepted.
The meaning of label is completely user-defined.
Signed-off-by: Eric Leblond <eric at inl.fr>
Modified: branches/ulog/ulogd2/doc/mysql-ulogd2.sql
===================================================================
--- branches/ulog/ulogd2/doc/mysql-ulogd2.sql 2008-04-29 14:18:17 UTC (rev 7517)
+++ branches/ulog/ulogd2/doc/mysql-ulogd2.sql 2008-04-29 14:34:30 UTC (rev 7518)
@@ -58,6 +58,7 @@
`ip_csum` smallint(5) unsigned default NULL,
`ip_id` smallint(5) unsigned default NULL,
`ip_fragoff` smallint(5) unsigned default NULL,
+ `label` tinyint(3) unsigned default NULL,
`timestamp` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
UNIQUE KEY `key_id` (`_id`)
) ENGINE=INNODB COMMENT='Table for IP packets';
@@ -213,7 +214,8 @@
icmpv6_echoseq,
icmpv6_csum,
mac_saddr as mac_saddr_str,
- mac_protocol as oob_protocol
+ mac_protocol as oob_protocol,
+ label as raw_label
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id
LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
@@ -493,7 +495,8 @@
_ip_ihl tinyint(3) unsigned,
_ip_csum smallint(5) unsigned,
_ip_id smallint(5) unsigned,
- _ip_fragoff smallint(5) unsigned
+ _ip_fragoff smallint(5) unsigned,
+ _label tinyint(4) unsigned
) RETURNS int(10) unsigned
SQL SECURITY INVOKER
NOT DETERMINISTIC
@@ -501,10 +504,10 @@
BEGIN
INSERT INTO ulog2 (oob_time_sec, oob_time_usec, oob_hook, oob_prefix, oob_mark, oob_in, oob_out, oob_family,
ip_saddr, ip_daddr, ip_protocol, ip_tos, ip_ttl, ip_totlen, ip_ihl,
- ip_csum, ip_id, ip_fragoff ) VALUES
+ ip_csum, ip_id, ip_fragoff, label ) VALUES
(_oob_time_sec, _oob_time_usec, _oob_hook, _oob_prefix, _oob_mark, _oob_in, _oob_out, _oob_family,
_ip_saddr, _ip_daddr, _ip_protocol, _ip_tos, _ip_ttl, _ip_totlen, _ip_ihl,
- _ip_csum, _ip_id, _ip_fragoff);
+ _ip_csum, _ip_id, _ip_fragoff, _label);
RETURN LAST_INSERT_ID();
END
$$
@@ -660,7 +663,8 @@
icmpv6_echoseq smallint(5) unsigned,
icmpv6_csum int(10) unsigned,
mac_saddr varchar(32),
- mac_protocol smallint(5)
+ mac_protocol smallint(5),
+ _label tinyint(4) unsigned
) RETURNS bigint unsigned
READS SQL DATA
BEGIN
@@ -668,7 +672,7 @@
_oob_mark, _oob_in, _oob_out, _oob_family,
_ip_saddr, _ip_daddr, _ip_protocol, _ip_tos,
_ip_ttl, _ip_totlen, _ip_ihl, _ip_csum, _ip_id,
- _ip_fragoff);
+ _ip_fragoff, _label);
IF _ip_protocol = 6 THEN
CALL PACKET_ADD_TCP_FULL(@lastid, tcp_sport, tcp_dport, tcp_seq, tcp_ackseq,
tcp_window, tcp_urg, tcp_urgp, tcp_ack, tcp_psh,
Modified: branches/ulog/ulogd2/doc/pgsql-ulogd2.sql
===================================================================
--- branches/ulog/ulogd2/doc/pgsql-ulogd2.sql 2008-04-29 14:18:17 UTC (rev 7517)
+++ branches/ulog/ulogd2/doc/pgsql-ulogd2.sql 2008-04-29 14:34:30 UTC (rev 7518)
@@ -57,6 +57,7 @@
ip_csum integer default NULL,
ip_id integer default NULL,
ip_fragoff smallint default NULL,
+ label smallint default NULL,
timestamp timestamp NOT NULL default 'now'
) WITH (OIDS=FALSE);
@@ -191,7 +192,8 @@
icmpv6_echoseq,
icmpv6_csum,
mac_saddr AS mac_saddr_str,
- mac_protocol AS oob_protocol
+ mac_protocol AS oob_protocol,
+ label AS raw_label
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id
LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
@@ -360,13 +362,14 @@
IN ip_ihl integer,
IN ip_csum integer,
IN ip_id integer,
- IN ip_fragoff integer
+ IN ip_fragoff integer,
+ IN label integer
)
RETURNS bigint AS $$
INSERT INTO ulog2 (oob_time_sec,oob_time_usec,oob_hook,oob_prefix,oob_mark,
oob_in,oob_out,oob_family,ip_saddr_str,ip_daddr_str,ip_protocol,
- ip_tos,ip_ttl,ip_totlen,ip_ihl,ip_csum,ip_id,ip_fragoff)
- VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18);
+ ip_tos,ip_ttl,ip_totlen,ip_ihl,ip_csum,ip_id,ip_fragoff,label)
+ VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19);
SELECT currval('ulog2__id_seq');
$$ LANGUAGE SQL SECURITY INVOKER;
@@ -492,13 +495,14 @@
IN icmpv6_echoseq integer,
IN icmpv6_csum integer,
IN mac_saddr varchar(32),
- IN mac_protocol integer
+ IN mac_protocol integer,
+ IN label integer
)
RETURNS bigint AS $$
DECLARE
_id bigint;
BEGIN
- _id := INSERT_IP_PACKET_FULL($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18) ;
+ _id := INSERT_IP_PACKET_FULL($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$47);
IF (ip_protocol = 6) THEN
PERFORM INSERT_TCP_FULL(_id,$19,$20,$21,$22,$23,$24,$25,$26,$27,$28,$29,$30);
ELSIF (ip_protocol = 17) THEN
Modified: branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c
===================================================================
--- branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c 2008-04-29 14:18:17 UTC (rev 7517)
+++ branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c 2008-04-29 14:34:30 UTC (rev 7518)
@@ -34,7 +34,7 @@
/* configuration entries */
static struct config_keyset libulog_kset = {
- .num_ces = 7,
+ .num_ces = 8,
.ces = {
{
.key = "bufsize",
@@ -78,6 +78,13 @@
.options = CONFIG_OPT_NONE,
.u.value = 0,
},
+ {
+ .key = "numeric_label",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u.value = 0,
+ },
+
}
};
@@ -88,6 +95,7 @@
#define unbind_ce(x) (x->ces[4])
#define seq_ce(x) (x->ces[5])
#define seq_global_ce(x) (x->ces[6])
+#define label_ce(x) (x->ces[7])
enum nflog_keys {
NFLOG_KEY_RAW_MAC = 0,
@@ -108,6 +116,7 @@
NFLOG_KEY_OOB_PROTOCOL,
NFLOG_KEY_OOB_UID,
NFLOG_KEY_OOB_GID,
+ NFLOG_KEY_RAW_LABEL,
};
static struct ulogd_key output_keys[] = {
@@ -252,6 +261,12 @@
.flags = ULOGD_RETF_NONE,
.name = "oob.gid",
},
+ {
+ .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .name = "raw.label",
+ },
+
};
static inline int
@@ -275,6 +290,9 @@
ret[NFLOG_KEY_OOB_FAMILY].u.value.ui8 = af_ce(upi->config_kset).u.value;
ret[NFLOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
+ ret[NFLOG_KEY_RAW_LABEL].u.value.ui8 = label_ce(upi->config_kset).u.value;
+ ret[NFLOG_KEY_RAW_LABEL].flags |= ULOGD_RETF_VALID;
+
if (ph) {
/* FIXME */
ret[NFLOG_KEY_OOB_HOOK].u.value.ui8 = ph->hook;
Modified: branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c
===================================================================
--- branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c 2008-04-29 14:18:17 UTC (rev 7517)
+++ branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c 2008-04-29 14:34:30 UTC (rev 7518)
@@ -34,7 +34,7 @@
/* configuration entries */
static struct config_keyset libulog_kset = {
- .num_ces = 3,
+ .num_ces = 4,
.ces = {
{
.key = "bufsize",
@@ -54,6 +54,13 @@
.options = CONFIG_OPT_NONE,
.u.value = ULOGD_RMEM_DEFAULT,
},
+ {
+ .key = "numeric_label",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u.value = 0,
+ },
+
}
};
enum ulog_keys {
@@ -71,6 +78,7 @@
ULOG_KEY_RAW_MAC_LEN,
ULOG_KEY_OOB_FAMILY,
ULOG_KEY_OOB_PROTOCOL,
+ ULOG_KEY_RAW_LABEL,
};
static struct ulogd_key output_keys[] = {
@@ -167,6 +175,11 @@
.flags = ULOGD_RETF_NONE,
.name = "oob.protocol",
},
+ {
+ .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .name = "raw.label",
+ },
};
@@ -181,6 +194,9 @@
ret[ULOG_KEY_RAW_MAC_LEN].flags |= ULOGD_RETF_VALID;
}
+ ret[ULOG_KEY_RAW_LABEL].u.value.ui8 = ip->config_kset->ces[3].u.value;
+ ret[ULOG_KEY_RAW_LABEL].flags |= ULOGD_RETF_VALID;
+
/* include pointer to raw ipv4 packet */
ret[ULOG_KEY_RAW_PCKT].u.value.ptr = pkt->payload;
ret[ULOG_KEY_RAW_PCKT].flags |= ULOGD_RETF_VALID;
Modified: branches/ulog/ulogd2/ulogd.conf.in
===================================================================
--- branches/ulog/ulogd2/ulogd.conf.in 2008-04-29 14:18:17 UTC (rev 7517)
+++ branches/ulog/ulogd2/ulogd.conf.in 2008-04-29 14:34:30 UTC (rev 7518)
@@ -97,6 +97,7 @@
[log2]
group=1 # Group has to be different from the one use in log1
addressfamily=10 # 10 is value of AF_INET6
+numeric_label=1 # you can label the log info based on the packet verdict
# ebtables logging through NFLOG
[log3]
@@ -106,6 +107,7 @@
[ulog1]
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
nlgroup=1
+#numeric_label=0 # optional argument
[emu1]
file="/var/log/ulogd_syslogemu.log"
More information about the netfilter-cvslog
mailing list